But what if someone comes and says, like: "Hello there, I own this domain now you're hosting. Can I read all emails that were ever send from it?"
Nope, they won't be able to read the emails already sent on it.
But if someone later on proves ownership of a domain that you previously owned and wants to be our customer, we probably will get in touch with you and ask you to remove the domain and any existing aliases or users in the same domain, so the new customer can use this domain. At that point, the domain and aliases are not useful for you, so there is no point in keeping those around.
Its important that you enable 2FA for your account. If you do that, they will have to have access to your backup address as well as the second factor to gain access to your account, so even if they have your email address running elsewhere, they will still be stopped by the 2FA requirement.
Regards